pusa01aidnv3blkbsa01.blob.core.windows.net

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 20.209.69.193, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is pusa01aidnv3blkbsa01.blob.core.windows.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 08 on March 27th 2024. Valid for: a year.

This is the only time pusa01aidnv3blkbsa01.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	20.209.69.193 20.209.69.193	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.245.60.116 18.245.60.116	16509 (AMAZON-02) (AMAZON-02)
4	2

2 20.209.69.193 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pusa01aidnv3blkbsa01.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-116.fra60.r.cloudfront.net

sky.blackbaudcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	blackbaudcdn.net sky.blackbaudcdn.net — Cisco Umbrella Rank: 20880	120 KB
2	windows.net pusa01aidnv3blkbsa01.blob.core.windows.net	17 KB
4	2

	Domain	Requested by
2	sky.blackbaudcdn.net	pusa01aidnv3blkbsa01.blob.core.windows.net sky.blackbaudcdn.net
2	pusa01aidnv3blkbsa01.blob.core.windows.net
4	2

This site contains links to these domains. Also see Links.

Domain
docs.blackbaud.com

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 08	`2024-03-27` - `2025-03-22`	a year	crt.sh
sky.blackbaudcdn.net Amazon RSA 2048 M01	`2023-07-10` - `2024-08-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html
Frame ID: 581A322D416FD95713DE3E65E4DD54E7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MFA Enrollment

Page URL History Show full URLs

http://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html HTTP 307
https://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

137 kB
Transfer

527 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.blackbaud.com/bbid-docs/get-started/multi-factor-auth
Title: Learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html HTTP 307
https://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request mfaphone.html Show response
pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/
Redirect Chain

http://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html
https://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html

16 KB
17 KB

544ms
132ms

Document
text/html

20.209.69.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.69.193 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c9776089cad599ee207f95bf95fc00c8ab5ead648673ffa2ecb4c67ca70c8853

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 16664
Content-MD5: T0JjM5aGWCZxnnvQCiQiHQ==
Content-Type: text/html
Date: Wed, 24 Apr 2024 16:45:16 GMT
ETag: 0x8DC63AC54DAFC1E
Last-Modified: Tue, 23 Apr 2024 15:44:58 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Vary: Origin
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e6a38869-201e-001e-6866-965602000000
x-ms-version: 2009-09-19

Redirect headers

Location: https://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 sky-bundle.css
sky.blackbaudcdn.net/skyux/1.23.0/css/ 474 KB
83 KB 127ms
28ms Stylesheet
text/css 18.245.60.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.blackbaudcdn.net/skyux/1.23.0/css/sky-bundle.css
Requested by: Host: pusa01aidnv3blkbsa01.blob.core.windows.net
URL: https://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-116.fra60.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3d908aeddba40419e75883fb7cf96a7f44d6a9a510e31c0d3ea0d644c7f61763

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pusa01aidnv3blkbsa01.blob.core.windows.net/
Origin: https://pusa01aidnv3blkbsa01.blob.core.windows.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 15:36:16 GMT
content-encoding: gzip
via: 1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 436140
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
arr-disable-session-affinity: true
last-modified: Wed, 19 Jun 2019 19:59:40 GMT
server: Microsoft-IIS/10.0
etag: "7f5bb87d926d51:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: XN6qQEPh9HoeWA1SfkrQAEjTXrsu-MOg1-0qjgyCN8b79xFGKIHhMQ==

GET
H2 200 blackbaud-sans.woff
sky.blackbaudcdn.net/skyux-fonts/1.0.1/ 37 KB
37 KB 25ms
24ms Font
application/font-woff 18.245.60.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyux-fonts/1.0.1/blackbaud-sans.woff

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyux/1.23.0/css/sky-bundle.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-116.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b2a3af53e1bdca463891c6552648f98324e3d8adc9cba653190e656bce294a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sky.blackbaudcdn.net/skyux/1.23.0/css/sky-bundle.css
Origin: https://pusa01aidnv3blkbsa01.blob.core.windows.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 15:36:19 GMT
via: 1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P5
age: 436139
x-cache: Hit from cloudfront
content-length: 37436
last-modified: Tue, 19 Sep 2017 14:25:13 GMT
server: AmazonS3
etag: "f214728606d42a6c3de933aea8a8d034"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
vary: Origin
accept-ranges: bytes
x-amz-cf-id: HSnM6eK8HKJ8Bs4-4Vxiln6ZAiOzS4VTOIveY9jjx2txw91aFFD_cw==

GET
H/1.1 400
One of the request inputs is out of range. favicon.ico
pusa01aidnv3blkbsa01.blob.core.windows.net/ 226 B
499 B 130ms
130ms Other
application/xml 20.209.69.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://pusa01aidnv3blkbsa01.blob.core.windows.net/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.69.193 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bd5949a83013ca6526e99d55254a7144484d06690a5c4e03ac31fb49e5e837a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pusa01aidnv3blkbsa01.blob.core.windows.net/uitemplates/mfaphone.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-request-id: e6a38948-201e-001e-3366-965602000000
Date: Wed, 24 Apr 2024 16:45:16 GMT
Server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
Content-Length: 226
Vary: Origin
Content-Type: application/xml

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| applyB2CAddOns

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pusa01aidnv3blkbsa01.blob.core.windows.net/favicon.ico Message: Failed to load resource: the server responded with a status of 400 (One of the request inputs is out of range.)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pusa01aidnv3blkbsa01.blob.core.windows.net
sky.blackbaudcdn.net
18.245.60.116
20.209.69.193
3d908aeddba40419e75883fb7cf96a7f44d6a9a510e31c0d3ea0d644c7f61763
b2a3af53e1bdca463891c6552648f98324e3d8adc9cba653190e656bce294a33
bd5949a83013ca6526e99d55254a7144484d06690a5c4e03ac31fb49e5e837a4
c9776089cad599ee207f95bf95fc00c8ab5ead648673ffa2ecb4c67ca70c8853

pusa01aidnv3blkbsa01.blob.core.windows.net Open in urlscan Pro 20.209.69.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

137 kBTransfer

527 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

pusa01aidnv3blkbsa01.blob.core.windows.net Open in urlscan Pro
20.209.69.193 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

137 kB
Transfer

527 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions